Alternatives and similar repositories for reflected-parameters:

Users that are interested in reflected-parameters are comparing it to the libraries listed below

• emadshanab / Huge_DIR_wordlist
  ☆48Updated 4 years ago
• Rhynorater / reports
  ☆59Updated 7 months ago
• war-and-code / akamai-arl-hack
  Script to test open Akamai ARL vulnerability.
  ☆70Updated 3 years ago
• thelikes / gwdomains
  sub domain wild card filtering tool
  ☆41Updated 4 years ago
• Sy3Omda / burp-bounty
  Burp Bounty profiles
  ☆82Updated 3 years ago
• dwisiswant0 / wadl-dumper
  Dump all available paths and/or endpoints on WADL file.
  ☆90Updated this week
• Sambal0x / Recon-tools
  Some of my bug bounty tools
  ☆48Updated 5 years ago
• riramar / DesyncCL0
  A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.
  ☆36Updated 2 years ago
• defparam / haptyc
  ☆94Updated 3 years ago
• codingo / microsubs
  A collection of code for interacting with API sources directly to improve your understanding of those services.
  ☆66Updated 4 years ago
• Damian89 / simple-oob-scanner
  Simple tool to test for SSRF/OOB HTTP Read within the Path of a request
  ☆30Updated 5 years ago
• cqsd / daily-commonspeak2
  commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …
  ☆40Updated 3 years ago
• sw33tLie / ugly-scripts
  A collection of scripts for bug-bounty related stuff
  ☆38Updated 4 years ago
• th3hack3rwiz / Lazy-FuzzZ
  Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …
  ☆51Updated 3 years ago
• ptswarm / ptswarm-twitter
  ☆76Updated 4 years ago
• PortSwigger / bypass-waf
  Add headers to all Burp requests to bypass some WAF products
  ☆38Updated last year
• defparam / h1stats
  a tool that compiles a csv of all h1 program stats
  ☆46Updated last year
• neex / ghostinthepdf
  ☆159Updated 3 years ago
• Dheerajmadhukar / karma_v1
  KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…
  ☆58Updated 3 years ago
• assetnote / h2csmuggler
  ☆71Updated last year
• dwisiswant0 / bounty-targets-alert
  It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.
  ☆56Updated 2 years ago
• JR0ch17 / rdse
  Extracts subdomains from a specified domain using https://recon.dev.
  ☆16Updated 4 years ago
• Cgboal / exclude-cdn
  Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin
  ☆42Updated last year
• 254Labs / awesome-bambdas
  A collection of Burp Suite Lambda Filters ~ Bambdas
  ☆25Updated 4 months ago
• tehryanx / sprawl
  Expand urls into one url for each path depth
  ☆32Updated 4 years ago
• w9w / bugbounty_changelogs
  ☆57Updated last month
• R0X4R / ssrf-tool
  An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.
  ☆43Updated 4 years ago
• hussein98d / LFI-files
  Wordlist to bruteforce for LFI
  ☆122Updated 5 years ago
• BountyStrike / Emissary
  Send notifications on different channels such as Slack, Telegram, Discord etc.
  ☆39Updated last year
• akincibor / 403-bypass
  Enhanced 403 bypass header
  ☆21Updated 2 years ago